Methods and systems for managing enterprise assets
First Claim
Patent Images
1. A method for managing assets in a corporate entity, the method comprising:
- providing a first server controlled by corporate entity, the first server configured to;
store a plurality of asset profiles associated with a plurality of processor-controlled devices associated with the corporate entity,determine at least one security requirement based at least in part on risk assessment information associated with the plurality of processor-controlled devices associated with the corporate entity, andmonitor the plurality of processor-controlled devices to detect at least one security vulnerability;
communicating a request for data, via an Internet connection, to a distinct second server that physically resides at a location that is outside the control of the corporate entity;
receiving at the first server, in response to the request to the distinct second server, data associated with the at least one security vulnerability, the data received from the distinct second server that is physically outside the control of the corporate entity via the Internet connection; and
wherein receiving comprises filtering received data based on at least one of;
at least one vulnerability profile, at least one asset profile, at lease on configuration standard, at least one risk assessment, and at least one task list.
1 Assignment
0 Petitions
Accused Products
Abstract
The disclosed methods and systems can be used to manage at least one asset in an Enterprise, where the methods and systems include providing a first server, the first server configured to include at least one asset profile associated with the at least one asset, the first server controlled by the Enterprise, and receiving at the first server, in response to a request to a distinct second server, data associated with at least one vulnerability associated with the at least one asset, where the second server is outside the control of the Enterprise.
-
Citations
41 Claims
-
1. A method for managing assets in a corporate entity, the method comprising:
-
providing a first server controlled by corporate entity, the first server configured to; store a plurality of asset profiles associated with a plurality of processor-controlled devices associated with the corporate entity, determine at least one security requirement based at least in part on risk assessment information associated with the plurality of processor-controlled devices associated with the corporate entity, and monitor the plurality of processor-controlled devices to detect at least one security vulnerability; communicating a request for data, via an Internet connection, to a distinct second server that physically resides at a location that is outside the control of the corporate entity; receiving at the first server, in response to the request to the distinct second server, data associated with the at least one security vulnerability, the data received from the distinct second server that is physically outside the control of the corporate entity via the Internet connection; and wherein receiving comprises filtering received data based on at least one of;
at least one vulnerability profile, at least one asset profile, at lease on configuration standard, at least one risk assessment, and at least one task list. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 32, 33, 34, 35, 36, 37, 38, 39)
-
-
28. A system for managing at least one asset in a corporate entity, the system comprising:
-
a first server controlled by the corporate entity and configured to; store a plurality of asset profiles associated with a plurality of processor-controlled devices associated with the corporate entity, determine at least one security requirement based at least in part on risk assessment information associated with the plurality of processor-controlled devices associated with the corporate entity, and monitor the plurality of processor-controlled devices to detect at least one security vulnerability; and communicate a request for data via an Internet connection; a distinct second server outside the control of the corporate entity, the distinct second server physically residing at a location that is outside the control of the corporate entity, the second server configured to receive the request for data via the Internet connection, the second server configured to provide data to the first server, via the Internet connection, in response to a request from the first server, the data associated with the at least one security vulnerability; wherein; the at least one asset is associated with a user that is an employee of the corporate entity; the distinct second server is configured to; maintain a user account record associated with the user; and perform a lookup operation to determine that the user is associated with the user account record; and wherein the distinct second server is further configured to; based on one or more privileges associated with the user, provide one or more interfaces through which the user can perform a task selected from the group consisting of edit policies, create policies, create or edit configuration standards, create or edit asset profiles, create or edit vulnerability profiles, and create or edit risk assessment questionnaires. - View Dependent Claims (29, 30, 31, 40, 41)
-
Specification